Fix server-status availability to tor hidden services (#7456)

Make the server-status information unavailable by putting the vhost on a port that isn't configured as available to the tor hidden-service. Change-Id: Idd3bfefb5b7fc26fb0a8cf48cdf6afc68a4192bb
author: Micah Anderson <micah@leap.se> 2015-09-15 11:52:20 -0400
committer: Micah Anderson <micah@leap.se> 2015-09-15 13:58:43 -0400
commit: f8b2a72aa09fca368d3038efa9100a48126f8ae9 (patch)
tree: a5e84bc58c283a6e83cee6d0233e625062767db6 /puppet/modules/site_webapp/files
parent: 4c622c1b6d652effdc84899befa98c36c37d10a2 (diff)
1 files changed, 28 insertions, 0 deletions
diff --git a/puppet/modules/site_webapp/files/server-status.conf b/puppet/modules/site_webapp/files/server-status.conf
new file mode 100644
index 00000000..84cb9ae0
--- /dev/null
+++ b/puppet/modules/site_webapp/files/server-status.conf
@@ -0,0 +1,28 @@
+# Keep track of extended status information for each request
+ExtendedStatus On
+
+# Determine if mod_status displays the first 63 characters of a request or
+# the last 63, assuming the request itself is greater than 63 chars.
+# Default: Off
+#SeeRequestTail On
+
+Listen 127.0.0.1:8162
+NameVirtualHost 127.0.0.1:8162
+
+<VirtualHost 127.0.0.1:8162>
+
+<Location /server-status>
+    SetHandler server-status
+    Order deny,allow
+    Deny from all
+    Allow from 127.0.0.1
+</Location>
+
+</VirtualHost>
+
+
+<IfModule mod_proxy.c>
+    # Show Proxy LoadBalancer status in mod_status
+    ProxyStatus On
+</IfModule>
+
author	Micah Anderson <micah@leap.se>	2015-09-15 11:52:20 -0400
committer	Micah Anderson <micah@leap.se>	2015-09-15 13:58:43 -0400
commit	f8b2a72aa09fca368d3038efa9100a48126f8ae9 (patch)
tree	a5e84bc58c283a6e83cee6d0233e625062767db6 /puppet/modules/site_webapp/files
parent	4c622c1b6d652effdc84899befa98c36c37d10a2 (diff)